<?php
/**
 *
 * Application for the function: Account Details
 *
 * This page will display the user's account details as well as allowing
 * them to modify (add/change/delete) those info.
 *
 *
 * @author Chi Zhang
 * @version 1.0
 * @package dummy-auto
 *
 */

include('../config.inc');
require('dummy-app.inc');

session_start();
if ( ! (session_id() && isset($_SESSION['unum'])) ) {

        $tree = make_app("Account Details :: Invalid User!");
        $app = $tree->app;
        $app->addChild('p', "Please Login Before Using This Function.");

        session_end();
        echo $tree->asXML();
        exit;
}


$acc_dtl = "
        select  Name,
                BilingAddr,
                Phone,
                Email
          from  Customer
         where  CustomerNum = $_SESSION[unum];
";

if (! ($sql_list_1 = mysql_query($acc_dtl)) ) exit_404(mysql_error());

if (mysql_num_rows($sql_list_1) != 1) {
        $tree = make_app("Account Details :: Error!!!");
        $app = $tree->app;
        $app->addChild('h2', "Fatal Error: Account Details not found!");
        $app->addChild('p', "Please contact us or stop by at one of our dealership.");

        echo $tree->asXML();
        exit;
}


$row = mysql_fetch_array($sql_list_1);


if ($_GET['action'] == 'modify') {

        $tree = make_app("Account Details :: Modify");
        $app = $tree->app;
        $app->h2 = "Modifying Account Details";
        $app->form['action'] = 'app/account.php';
        $form = $app->form;

        $form->label[] = 'Full Name: ';
        add_child($form, 'input', 
                  array('name' => 'uname', 'type' => 'text',
                        'value' => "$row[0]")
                );

        $form->label[] = 'Address: ';
        add_child($form, 'input', 
                  array('name' => 'addr', 'type' => 'text',
                        'value' => "$row[1]")
                );

        $form->label[] = 'Phone Number: ';
        add_child($form, 'input', 
                  array('name' => 'phone', 'type' => 'text',
                        'value' => "$row[2]")
                );

        $form->label[] = 'Email: ';
        add_child($form, 'input', 
                  array('name' => 'email', 'type' => 'text',
                        'value' => "$row[3]")
                );

        $form->addChild('p')->addChild('input');
        $form->p->input['type'] = 'submit';
        $form->p->input['name'] = 'modi_submit';
        $form->p->input['value'] = 'submit';

        $form->p->addChild('input');
        $form->p->input[1]['type'] = 'reset';
        $form->p->input[1]['value'] = 'reset';

} elseif ($_GET['modi_submit']) {

        if ($_GET['uname']) {

                if (! mysql_query("
                        update  Customer
                           set  Name = '$_GET[uname]',
                                BilingAddr = '$_GET[addr]',
                                Phone = '$_GET[phone]',
                                Email = '$_GET[email]'
                         where  CustomerNum = $_SESSION[unum];
                        ") ) exit_404(mysql_error());

                if (! mysql_query("commit;")) exit_404(mysql_error());
                    
        } else exit_404('You must fill your name!');

        $tree = make_app("Account Details :: Update Successded");
        $app = $tree->app;
        $app->addChild('h2', "Account details have been updated successfully!");

        $app->addChild('input');
        $app->input['type'] = 'button';
        $app->input['value'] = 'Get Back';
        $app->input['onclick'] = "load_app('account')";

} elseif ($_GET['action'] == 'chpa') {

        $tree = make_app("Account Details :: Change Password");
        $app = $tree->app;
        $app->h2 = "Change the login password for this site:";
        $app->form['action'] = 'app/account.php';
        $form = $app->form;

        $form->label[] = 'Enter your current password: ';
        add_child($form, 'input', 
                array('name' => 'upass0', 'type' => 'password'));

        $form->label[] = 'Choose your new password: ';
        add_child($form, 'input', 
                array('name' => 'upass1', 'type' => 'password'));

        $form->label[] = 'Retype your new password: ';
        add_child($form, 'input', 
                array('name' => 'upass2', 'type' => 'password'));

        $form->addChild('p')->addChild('input');
        $form->p->input['type'] = 'submit';
        $form->p->input['name'] = 'chpa_submit';
        $form->p->input['value'] = 'submit';

        $form->p->addChild('input');
        $form->p->input[1]['type'] = 'reset';
        $form->p->input[1]['value'] = 'reset';

} elseif ($_GET['chpa_submit']) {

        if (! ($old_pa = mysql_query("
                        select  Passwd
                          from  Login_Info
                         where  CustomerNum = '$_SESSION[unum]';
                    ")) ) exit_404(mysql_error());

        if (mysql_num_rows($old_pa) != 1) {
                $tree = make_app("Account Details :: Error!!!");
                $app = $tree->app;
                $app->addChild('h2', "Fatal Error: Login password not unique!");
                $app->addChild('p', "Please contact us or stop by at one of our dealership.");

                echo $tree->asXML();
                exit;

        }

        $row = mysql_fetch_array($old_pa);
        if ($row[0] != $_GET['upass0'])
                exit_404('Invalid current password');

        if ($_GET['upass1'] != $_GET['upass2'])
                exit_404('Unmatched password');

        if (! $_GET['upass1'])
                exit_404('You must enter the new password');


        if (! mysql_query("
                update  Login_Info
                   set  Passwd = '$_GET[upass1]'
                 where  CustomerNum = $_SESSION[unum];
                ") ) exit_404(mysql_error());

        if (! mysql_query("commit;")) exit_404(mysql_error());


        $tree = make_app("Account Details :: Update Successded");
        $app = $tree->app;
        $app->addChild('h2', "Login password have been updated successfully!");

        $app->addChild('input');
        $app->input['type'] = 'button';
        $app->input['value'] = 'Get Back';
        $app->input['onclick'] = "load_app('account')";

} else {
        $tmp = array(
                "Name: ", "Biling Address: ", "Phone Number: ",
                "E-mail: ", "Car Owned: ", "Dealer: "
                );


        $tree = make_app("Account Details :: Show");
        $app = $tree->app;
        $app->addChild('h2', "Account Details:");
        $app->addChild('table');

        for ($i=0; $i < 4; $i++)
        {
                $app->table->addChild('tr');
                $app->table->tr[$i]->addChild('td', $tmp[$i]);
                $app->table->tr[$i]->addChild('td', $row[$i]);
        }


        if (! ($car_owned = mysql_query("
                        select  S.VIN,
                                E.Name
                          from  Customer C,
                                Sale S,
                                Employee E
                         where  C.CustomerNum = S.CustomerNum
                           and  S.EmpID = E.EmpID
                           and  C.CustomerNum = $_SESSION[unum];
                    ")) ) exit_404(mysql_error());

        $app->addChild('br');
        $app->addChild('table');
        $app->table[1]->addChild('tr')->addChild('td', $tmp[4]);
        $app->table[1]->tr->addChild('td', $tmp[5]);

        for ($i=0; $i < mysql_num_rows($car_owned); $i++)
        {
                $row = mysql_fetch_array($car_owned);

                $app->table[1]->addChild('tr');
                $app->table[1]->tr[$i+1]->addChild('td', $row[0]);
                $app->table[1]->tr[$i+1]->addChild('td', $row[1]);
        }

        $app->addChild('br');
        $app->addChild('input');
        $app->input['type'] = 'button';
        $app->input['value'] = 'Modify';
        $app->input['onclick'] = "load_app('account', 'action=modify')";

        $app->addChild('input');
        $app->input[1]['type'] = 'button';
        $app->input[1]['value'] = 'Change Password';
        $app->input[1]['onclick'] = "load_app('account', 'action=chpa')";

        $app->addChild('input');
        $app->input[2]['type'] = 'button';
        $app->input[2]['value'] = 'Logout';
        $app->input[2]['onclick'] = "Auth.logout()";
}

echo $tree->asXML();
?>
